Mageia Bugzilla – Attachment 3853 Details for
Bug 9254
ekiga, ptlib, opal3 new security issue CVE-2012-5621
ekiga voip port check/test
voip_ck (text/plain), 4.38 KB, created by
Bit Twister
on 2013-04-30 16:52:27 CEST
Description:
ekiga voip port check/test
Filename:
MIME Type:
Creator:
Bit Twister
Created:
2013-04-30 16:52:27 CEST
Size:
4.38 KB
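#!/bin/bash
#***********************************************************************
#*
#*  voip_ck - check voip ports
#*
#*  Verify ports used by ekiga are open on the pc and accessible
#*  through the modem and the pc firewall.
#*
#*  Uses nc from netcat-openbsd rpm to test port connections
#*  and dig from bind-utils rpm to check sip.diamondcard.us servers.
#*
#*  /etc/shorewall/rules snippet follows:
#*
#*  # ekiga incoming SIP VoIP, Windows Messenger ports
#*  # If behind NAT router, http://wiki.ekiga.org/index.php/Ekiga_behind_a_NAT_router
#*  ACCEPT   $FW   net   udp   5000:5100
#*  ACCEPT   net   $FW   udp   5000:5100
#*
#*  # ekiga incoming H.323, Netmeeting ports
#*  ACCEPT   net   $FW   tcp   1720
#*  ACCEPT   $FW   net   tcp   1720
#*
#*  # ekiga UDP Through NAT (STUN) ports
#*  ACCEPT   $FW   net   udp   3478:3479
#*  ACCEPT   net   $FW   udp   3478:3479
#*
#*  Notes for whoever runs or maintains this:
#*
#*  - Each test briefly opens an nc listener on the port under test.
#*    The listener is tracked by PID and stopped after every test and
#*    on exit, so no unrelated nc process of the user is touched.
#*  - The capture file is created with mktemp instead of a fixed,
#*    predictable path and is removed on exit.
#*  - The WAN address comes from a third-party service over plain HTTP
#*    and the SIP server names come from DNS.  Both are network data,
#*    so they are validated before being handed to ping/host/nc.
#*  - The WAN pass connects from this host to its own public address.
#*    That presumably only works if the router supports NAT loopback,
#*    so a WAN failure does not prove the port is closed from outside.
#*
#***********************************************************************

set -u

_app=${0##*/}
_ipv_mode="-4"
_registar="sip.diamondcard.us"
_sport=38564
_listener_pid=""
_servers=()
_servers_ip=()

# Shapes accepted for values that arrive from the network.
_ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
_host_re='^[A-Za-z0-9_][A-Za-z0-9._-]*$'

port_ary=(
  "3478 UDP STUN"
  "3479 UDP STUN"
  "5060 UDP SIP"
  "5000 UDP SIP"
  "5100 UDP SIP"
  "7070 UDP RTP"
  "16382 UDP RTP"
  "30000 TCP old H323 H.245 "
  "30010 TCP old H323 H.245 "
  "1720 TCP H.323"
)

# Stop the listener started for the current test, if there is one.
_stop_listener() {
  if [[ -n "$_listener_pid" ]]; then
    kill "$_listener_pid" 2>/dev/null
    # Reap it quietly so bash does not print a "Terminated" job notice.
    wait "$_listener_pid" 2>/dev/null
    _listener_pid=""
  fi
}

# Exit handler: stop any listener still running and remove the capture file.
_cleanup() {
  _stop_listener
  [[ -n "${_svr_fn:-}" ]] && /bin/rm -f -- "$_svr_fn"
}

# Unpredictable capture file; the original fixed path /local/tmp/<app>.log
# could be pre-created or symlinked by another local user.
_svr_fn=$(mktemp "${TMPDIR:-/tmp}/${_app}.XXXXXX") || {
  printf '%s: cannot create temporary file\n' "$_app" >&2
  exit 1
}
trap _cleanup EXIT
trap 'exit 1' HUP INT TERM

# hostname may print several addresses; only the first one is tested.
_lan_ip=$(/bin/hostname --ip-address)
_lan_ip=${_lan_ip%% *}

# The reply is an unauthenticated HTTP body: accept it only if it looks
# like a dotted-quad address, otherwise skip the WAN pass.
_wan_ip=$(wget -qO - http://myip.dnsomatic.com/)
if [[ ! "$_wan_ip" =~ $_ipv4_re ]]; then
  printf '%s: could not determine WAN address, WAN pass will be skipped\n' \
    "$_app" >&2
  _wan_ip=""
fi

#*************************************************
#* get registrar's sip udp servers and ip addresses
#*************************************************
# dig +short prints "priority weight port target" per SRV record.
while read -r _ _ _ _srv_host _; do
  # Reject empty fields and anything that could be taken as an option.
  [[ "$_srv_host" =~ $_host_re ]] || continue
  _servers+=("$_srv_host")

  _host_out=$(host "$_srv_host") || continue
  # Take the first "<name> has address <ip>" line of the host output.
  while read -r _ _verb _what _addr _; do
    if [[ "$_verb $_what" == "has address" && "$_addr" =~ $_ipv4_re ]]; then
      _servers_ip+=("$_addr")
      break
    fi
  done <<<"$_host_out"
done < <(dig +short "_sip._udp.${_registar}" SRV)

#*********************************************
#* ping by ip then by name to verify your
#* ip address is not blacklisted
#*********************************************

echo "
Testing registar sip servers by ip and name to verify your
ip address is not blacklisted
"

# The ${arr[@]+...} form keeps set -u happy on empty arrays in older bash.
for _serv in ${_servers_ip[@]+"${_servers_ip[@]}"} \
             ${_servers[@]+"${_servers[@]}"}; do
  printf '%s' "ping -c1 -w 2 $_serv"
  if ping -c1 -w 2 "$_serv" >/dev/null 2>&1; then
    /bin/echo " passed"
  else
    /bin/echo " FAILED"
  fi
done

#**************************************************
#* check pc firewall (LAN) then WAN router ports
#**************************************************
/bin/echo "
Testing PC firewall (LAN) the Router (WAN) ports
"

for _test_msg in LAN WAN; do
  if [[ "$_test_msg" == "LAN" ]]; then
    _target=$_lan_ip
    _fault_msg="pc firewall blocking"
  else
    _target=$_wan_ip
    _fault_msg="Router's firewall blocking"
  fi

  if [[ -z "$_target" ]]; then
    printf '%s: no %s address available, skipping %s tests\n' \
      "$_app" "$_test_msg" "$_test_msg" >&2
    continue
  fi

  /bin/echo "Testing $_test_msg $_target ports"

  for _entry in "${port_ary[@]}"; do
    # Entry layout: "<port> <UDP|TCP> <label ...>"; only the first label
    # word is used in the progress line.
    read -r _dport _pkt _test _ <<<"$_entry"

    _listen_args=("$_ipv_mode" -l)
    # NOTE(review): the OpenBSD nc manual documents -s as the source
    # address and -p as the source port; confirm -s is what is wanted here.
    _client_args=("$_ipv_mode" -s "$_sport")
    if [[ "$_pkt" == "UDP" ]]; then
      _listen_args+=(-u)
      _client_args+=(-u)
    fi
    _listen_args+=("$_dport")
    _client_args+=(-w 2 "$_target" "$_dport")

    printf '%s' "$_test $_pkt $_dport "
    _msg="$_test_msg $_test_msg port $_entry"

    /bin/nc "${_listen_args[@]}" >"$_svr_fn" &
    _listener_pid=$!
    # Give the listener a moment to bind; without this a UDP probe can be
    # sent before the socket exists and be reported as a blocked port.
    sleep 0.2

    /bin/echo "$_msg" | /bin/nc "${_client_args[@]}"

    # -F: the probe text contains dots and must match literally.
    _count=$(/bin/grep -cF -- "$_msg" "$_svr_fn")
    _count=${_count:-0}

    if [[ "$_count" -eq 0 ]]; then
      /bin/echo " FAILED"
      /bin/echo " "
      /bin/echo "Sent: $_msg "
      # Show what the listener actually captured; the original repeated
      # the sent text here, which made a failed test look like a match.
      printf '%s' "Received: "
      /bin/cat -- "$_svr_fn"
      [[ -s "$_svr_fn" ]] || /bin/echo
      netstat | grep -- "$_dport"
      /bin/echo "$_test_msg $_pkt port $_entry is not open"
      if [[ "$_test_msg" == "LAN" ]]; then
        /bin/echo "$_fault_msg port $_dport"
        /bin/echo "Open port $_dport in ${_target}'s firewall"
        /bin/echo "Allow port $_dport in ${_target}'s /etc/hosts.allow or"
        /bin/echo "Remove port $_dport in ${_target}'s /etc/hosts.deny"
        /bin/echo " "
      else
        /bin/echo "Open/forward port $_dport to $_target in the router"
        /bin/echo " "
      fi
    else
      /bin/echo " passed"
    fi

    # Free the port before the next test; a listener left over from the
    # LAN pass would otherwise still hold it during the WAN pass.
    _stop_listener
  done

  printf '\n\n\n'
done

#****************** end voip_ck *********************************************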